urlscan.io logo urlscan.io
SecurityTrails logo

bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::1  Public Scan

Go To Rescan Add Verdict Report
URL: https://bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/
Submission: On January 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 8 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link.
TLS certificate: Issued by R3 on November 20th 2023. Valid for: 3 months.
This is the only time bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2602:fea2:2::1 40680 (PROTOCOL)
1 2a04:4e42:600... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 38.91.101.241 63023 (AS-GLOBAL...)
8 5
Apex Domain
Subdomains		 Transfer
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6331
441 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
14 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
78 KB
1 dweb.link
bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link
6 KB
0 ygaigakg.online Failed
vp3gahjt9y.ygaigakg.online Failed
0 gkalga.online Failed
109em9levss.gkalga.online Failed
8 6
Domain Requested by
1 pro.ip-api.com code.jquery.com
1 cdnjs.cloudflare.com bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link
1 code.jquery.com bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link
1 bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link
0 vp3gahjt9y.ygaigakg.online Failed
0 109em9levss.gkalga.online Failed code.jquery.com
8 6

This site contains no links.

Subject Issuer Validity Valid
dweb.link
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-21 -
2025-01-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/
Frame ID: F3DA58C08E5F770EF01CD92917F50548
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

50 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

5
IPs

1
Countries

99 kB
Transfer

325 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/ 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
82e2bf8233572cbd73cc0b883c2cfd53fdb904454727f69b82390ef1887ab840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods
GET HEAD OPTIONS GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
content-encoding
gzip
content-type
text/html
date
Mon, 01 Jan 2024 08:07:51 GMT
etag
W/"bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia"
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-ipfs-lb-pop
gateway-bank3-dc13
x-ipfs-path
/ipfs/bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia/
x-ipfs-pop
rainbow
x-ipfs-roots
bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia
x-proxy-cache
MISS
jquery-1.9.1.js
code.jquery.com/ 		262 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.js
Requested by
Host: bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link
URL: https://bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 08:08:37 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
9294309
x-cache
HIT, HIT
content-length
79506
x-served-by
cache-lga21952-LGA, cache-mia-kmia1760035-MIA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1704096517.326251,VS0,VE0
etag
W/"28feccc0-4185d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
757, 87
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link
URL: https://bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 08:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4316817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpd4Q4s0Z95QbYv%2Fu3ks1bG4MqUpukkcGIvejlo1P4aMeO7QXoRw6SPRv%2FE13r4W4fWk3q5zThllj2jlPaY7VwfEDWdUrj9L4PMFZABxtPLdzAGOD%2FdYOeoUDvqvTJ%2BGEEpOMTd1ym1d0wRNfEtfYckA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83e94682185031f5-MIA
expires
Sat, 21 Dec 2024 08:08:37 GMT
preload-outlook.gif
109em9levss.gkalga.online/static/media/ 		0
0
preload-outlook.gif
vp3gahjt9y.ygaigakg.online/static/media/ 		0
0
/
pro.ip-api.com/json/ 		285 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=pD3jjrEbn4o2CQ1
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
38.91.101.241 New York, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
us-ny-1.pro.ip-api.com
Software
/
Resource Hash
29ca98ad87686b48453e8cfd48ed518326ce879c6e5022cceaf72c766e034d78

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://bafkreiec4k7yem2xfs6xhtalra6cz7kt7w4qirkhe73jxarzb3yyq6vyia.ipfs.dweb.link/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 01 Jan 2024 08:08:38 GMT
Content-Length
285
Content-Type
application/json; charset=utf-8
/
109em9levss.gkalga.online/obufsssssssscaaatoion/ 		0
0
/
109em9levss.gkalga.online/obufsssssssscaaatoion/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
109em9levss.gkalga.online
URL
https://109em9levss.gkalga.online/static/media/preload-outlook.gif
Domain
vp3gahjt9y.ygaigakg.online
URL
https://vp3gahjt9y.ygaigakg.online/static/media/preload-outlook.gif
Domain
109em9levss.gkalga.online
URL
https://109em9levss.gkalga.online/obufsssssssscaaatoion/
Domain
109em9levss.gkalga.online
URL
https://109em9levss.gkalga.online/obufsssssssscaaatoion/

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| _0x29eb3d function| _0x30bc2b function| _0x1f395d function| _0x4481aa function| _0x57ce6b function| _0x4deea0 function| _0x11eb27 function| _0x58143b function| _0x26732e function| _0x2886d7 function| _0x386e8e function| _0x225fa2 function| _0x20c5d7 function| _0x586a9c function| _0x308c84 function| _0x3f9c31 function| _0x77b296 function| _0x4c3678 function| _0x487c function| _0x5afb object| div1 string| Page_type string| IGOBZL string| cbbg string| fPDVapQs string| kaka90nal string| ka45k459final2 string| kak0011afinal string| getjsonnn number| countttingerr function| $ function| jQuery object| CryptoJS

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: https://109em9levss.gkalga.online/static/media/preload-outlook.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://vp3gahjt9y.ygaigakg.online/static/media/preload-outlook.gif
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://109em9levss.gkalga.online/obufsssssssscaaatoion/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://109em9levss.gkalga.online/obufsssssssscaaatoion/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload